Date: Mon, 31 Oct 2005 16:25:45 +0000 From: suporte@wahtec.com.br To: freebsd-security@freebsd.org Subject: More on freebsd-update (WAS: Is the server portion of freebsd-update open source?) Message-ID: <200510311625.46334.suporte@wahtec.com.br> In-Reply-To: <20051030120107.CD5CF16A422@hub.freebsd.org> References: <20051030120107.CD5CF16A422@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Sat, 29 Oct 2005 07:34:28 -0700 > From: Colin Percival <cperciva@freebsd.org> > Subject: Re: Is the server portion of freebsd-update open source? > To: markzero <mark@darklogik.org> > Cc: freebsd-security@freebsd.org > Message-ID: <43638874.2020004@freebsd.org> > Content-Type: text/plain; charset=ISO-8859-1 > > markzero wrote: > > No this isn't insufficient, what is insufficient is that I currently > > can't run a local freebsd-update server. I'm quite limited by bandwidth > > here, you see. What would make more sense in my situation would be to > > have a local mirror of the 'official' freebsd-update server so that > > all of my machines can sync to that rather than all of them downloading > > over the WAN. > > Go ahead. :-):-) > > FreeBSD Update relies entirely upon static files served over HTTP, so if > you point your favourite HTTP mirroring tool at update.daemonology.net > you can create a local mirror. > > Another approach which is likely to be more useful is to set up an HTTP > proxy: Since many files on the FreeBSD Update web server won't be fetched > by most systems (FreeBSD Update attempts to use binary patches, and only > falls back to fetching complete files if the patching fails), using a > caching HTTP proxy will use far less bandwidth than mirroring everything. > > Colin Percival Hi, I have two questions to add to this thread... 1- if and when freebsd-update will be the official freebsd system binary update? Like, when it will be part of freebsd structure, with a dedicated server and stuff? ... It's far better then updating by cvs. 2- for future plans, is there any possibility to customize or add some features to kernels on official freebsd-update server? IPSEC is quite important on security. Since there isn't a LKM to use IPSEC (correct me if I'm wrong), when someone compiles the kernel to add it, he looses the freebsd-update kernel update. Regards, --aristeu PS: is there a way to use IPSEC without compiling the kernel?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200510311625.46334.suporte>